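/**
 * Smarty template function: build a list of pico contents with their
 * unserialized extra fields, sorted by a chosen field.
 *
 * Recognised $params keys (all optional unless noted):
 *  - dir / dirname : module directory name; falls back to the template
 *                    variable "mydirname" (one of them is required)
 *  - id / cat_id   : category id(s), passed through to b_pico_list_show()
 *  - sortby        : a content column name, a "dateof_*" extra field
 *                    (parsed with strtotime) or any other extra field key
 *  - order         : 'DESC' or 'SORT_DESC' for descending, otherwise ascending
 *  - limit         : passed through to b_pico_list_show()
 *  - template      : passed through to b_pico_list_show()
 *  - item / assign : template variable receiving the list; "<name>_count"
 *                    receives the number of rows
 *
 * Each row gains three keys: extra_fields_items, extra_fields_sortby and
 * extra_fields_count. Errors are reported by echoing a short message.
 *
 * @param array  $params Smarty function parameters
 * @param object $smarty Smarty instance (get_template_vars() and assign() are used)
 * @return void
 */
function smarty_function_pico_ef_list($params, &$smarty)
{
    $mydirname = (isset($params['dir']) ? $params['dir'] : '') . (isset($params['dirname']) ? $params['dirname'] : '');
    $cat_ids = (isset($params['id']) ? $params['id'] : '') . (isset($params['cat_id']) ? $params['cat_id'] : '');
    $sortby = empty($params['sortby']) ? '' : $params['sortby'];
    $order = empty($params['order']) ? '' : $params['order'];
    $limit_params = isset($params['limit']) ? $params['limit'] : null;
    $template = isset($params['template']) ? $params['template'] : null;
    $var_name = (isset($params['item']) ? $params['item'] : '') . (isset($params['assign']) ? $params['assign'] : '');

    // errors
    if (empty($mydirname)) {
        $mydirname = $smarty->get_template_vars('mydirname');
    }
    if (empty($mydirname)) {
        echo 'error ' . __FUNCTION__ . ' [specify dirname]';
        return;
    }
    // $mydirname is concatenated into a require_once path below, so accept
    // only a plain directory name (no separators, dots or NUL bytes).
    if (!is_string($mydirname) || !preg_match('/^[0-9a-zA-Z_-]+$/', $mydirname)) {
        echo 'error ' . __FUNCTION__ . ' [invalid dirname]';
        return;
    }
    $error_vals = array('created_time_formatted', 'modified_time_formatted', 'expiring_time_formatted');
    if (in_array($sortby, $error_vals)) {
        echo 'error ' . __FUNCTION__ . ' [please use unixtime format]';
        return;
    }

    // fetch and unserialize
    require_once XOOPS_ROOT_PATH . '/modules/' . $mydirname . '/blocks/blocks.php';
    $contents = b_pico_list_show(array($mydirname, $cat_ids, '', $limit_params, $template, 'disable_renderer' => true));
    $items = (isset($contents['contents']) && is_array($contents['contents'])) ? $contents['contents'] : array();

    $default_vals = array(
        'link', 'poster_uname', 'modifier_uname', 'votes_avg', 'subject', 'body', 'tags_array', 'cat_title',
        'can_vote', 'id', 'created_time_formatted', 'modified_time_formatted', 'expiring_time_formatted',
        'subject_raw', 'body_raw', 'isadminormod', 'public', 'can_read', 'can_readfull', 'can_edit', 'can_delete',
        'content_id', 'permission_id', 'vpath', 'cat_id', 'weight', 'created_time', 'modified_time',
        'expiring_time', 'last_cached_time', 'poster_uid', 'poster_ip', 'modifier_uid', 'modifier_ip',
        'subject_waiting', 'locked', 'visible', 'approval', 'use_cache', 'allow_comment', 'show_in_navi',
        'show_in_menu', 'viewed', 'votes_sum', 'votes_count', 'comments_count', 'htmlheader',
        'htmlheader_waiting', 'body_waiting', 'body_cached', 'filters', 'tags', 'extra_fields', 'redundants',
        'for_search',
    );
    $sort_by_column = in_array($sortby, $default_vals);
    $sort_by_date = !$sort_by_column && strpos($sortby, 'dateof_') === 0;

    // One sort key per row, collected in row order for array_multisort().
    $sort_keys = array();
    foreach ($items as $k => $v) {
        $unserialized_ef = pico_common_unserialize(isset($v['extra_fields']) ? $v['extra_fields'] : '');
        if (!is_array($unserialized_ef)) {
            // NOTE(review): pico_common_unserialize() is not visible here; a
            // non-array result is treated as "no extra fields" so the lookups
            // and count() below stay well-defined.
            $unserialized_ef = array();
        }
        $items[$k]['extra_fields_items'] = $unserialized_ef;

        if ($sort_by_column) {
            $sort_key = isset($v[$sortby]) ? $v[$sortby] : null;
        } elseif ($sort_by_date) {
            $sort_key = pico_common_get_server_timestamp(
                strtotime(isset($unserialized_ef[$sortby]) ? $unserialized_ef[$sortby] : '')
            );
        } else {
            $sort_key = isset($unserialized_ef[$sortby]) ? $unserialized_ef[$sortby] : null;
        }
        $items[$k]['extra_fields_sortby'] = $sort_key;
        $items[$k]['extra_fields_count'] = count($unserialized_ef);
        $sort_keys[$k] = $sort_key;
    }

    // sort (skipped for an empty list: array_multisort() needs a real array)
    if ($sort_keys) {
        if ($order == 'SORT_DESC' || $order == 'DESC') {
            array_multisort($sort_keys, SORT_DESC, $items);
        } else {
            array_multisort($sort_keys, SORT_ASC, $items);
        }
    }

    // assign or display
    if ($var_name) {
        $smarty->assign($var_name, $items);
        $smarty->assign($var_name . '_count', count($items));
    } else {
        // Debug fallback when no item/assign name is given. The rows carry
        // stored content (subject, body, poster_ip, ...), so the dump is
        // escaped before it reaches the page. If var_dump() is overloaded to
        // emit HTML (e.g. by a debugger extension) that markup is shown as text.
        ob_start();
        var_dump($items);
        $dump = ob_get_clean();
        echo '<pre>' . str_replace(array('&', '<', '>'), array('&amp;', '&lt;', '&gt;'), $dump) . '</pre>';
    }
}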
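/**
 * Collect the POSTed fields of a pico content form into one array.
 *
 * Reads $_POST directly. Loads the requested category, narrows the caller's
 * $auto_approval / $isadminormod flags with that category's settings, builds
 * the ordered filter list, normalises tags, makes the vpath unique, fills the
 * "*_waiting" fields according to the approval state, optionally purifies
 * the body with HTMLPurifier and attaches the serialized extra fields.
 *
 * Redirects and exits when the category cannot be read.
 *
 * @param string $mydirname     module directory name (also used in the table name)
 * @param array  $errors        receives _MD_PICO_ERR_DUPLICATEDVPATH once per vpath adjustment
 * @param bool   $auto_approval in/out: AND-ed with the category's post_auto_approved
 * @param bool   $isadminormod  in/out: AND-ed with the category's isadminormod
 * @param int    $content_id    id of the content being edited (0 for a new one)
 * @return array field values plus 'categoryObj' and 'ef_obj'
 */
function pico_get_requests4content($mydirname, &$errors, &$auto_approval, &$isadminormod, $content_id = 0)
{
    global $xoopsUser;

    $myts =& MyTextSanitizer::getInstance();
    $db =& Database::getInstance();
    $picoPermission =& PicoPermission::getInstance();
    $permissions = $picoPermission->getPermissions($mydirname);

    // First, fetch $cat_id
    $cat_id = intval(@$_POST['cat_id']);

    // requested category object
    $newCategoryObj =& new PicoCategory($mydirname, $cat_id, $permissions);
    if ($newCategoryObj->isError()) {
        redirect_header(XOOPS_URL . "/modules/{$mydirname}/index.php", 2, _MD_PICO_ERR_READCATEGORY);
        exit;
    }

    // recheck permissions and reload $config
    $mod_config = $newCategoryObj->getOverriddenModConfig();
    $cat_data = $newCategoryObj->getData();
    $auto_approval = $auto_approval && $cat_data['post_auto_approved'];
    $isadminormod = $isadminormod && $cat_data['isadminormod'];

    // build filters
    $filters = array();
    foreach ($_POST as $key => $val) {
        if (substr($key, 0, 15) == 'filter_enabled_' && $val) {
            // The name is taken from a request key and ends up in a file
            // path, a constant name and the stored filter list, so only a
            // plain identifier is accepted (allowlist instead of stripping "..").
            $name = substr($key, 15);
            if (!preg_match('/^[0-9a-zA-Z_-]+$/', $name)) {
                continue;
            }
            $constpref = '_MD_PICO_FILTERS_' . strtoupper($name);
            $filter_file = dirname(dirname(__FILE__)) . '/filters/pico_' . $name . '.php';
            if (!file_exists($filter_file)) {
                continue;
            }
            // The filter file has to be loaded before the check below because
            // it is what defines the ...ISINSECURE constant.
            require_once $filter_file;
            if (!$isadminormod && defined($constpref . 'ISINSECURE')) {
                continue;
            }
            $filters[$name] = intval(@$_POST['filter_weight_' . $name]);
        }
    }
    asort($filters);

    // forced filters: "name:LAST" is appended, anything else is put first
    $filters_forced = array_map('trim', explode(',', $mod_config['filters_forced']));
    foreach ($filters_forced as $filter_forced) {
        $regs = explode(':', $filter_forced);
        if (stristr($filter_forced, ':LAST')) {
            $filters[$regs[0]] = 0;
        } else {
            $filters = array($regs[0] => 0) + $filters;
        }
    }

    // prohibited filters
    $filters_prohibited = array_map('trim', explode(',', $mod_config['filters_prohibited']));
    foreach ($filters_prohibited as $filter_prohibited) {
        unset($filters[$filter_prohibited]);
    }

    $ret = array(
        'cat_id' => $cat_id,
        'vpath' => trim($myts->stripSlashesGPC(@$_POST['vpath'])),
        'subject' => $myts->stripSlashesGPC(@$_POST['subject']),
        'htmlheader' => $myts->stripSlashesGPC(@$_POST['htmlheader']),
        'body' => $myts->stripSlashesGPC(@$_POST['body']),
        'filters' => implode('|', array_keys($filters)),
        'tags' => trim($myts->stripSlashesGPC(@$_POST['tags'])),
        'weight' => intval(@$_POST['weight']),
        'use_cache' => empty($_POST['use_cache']) ? 0 : 1,
        'show_in_navi' => empty($_POST['show_in_navi']) ? 0 : 1,
        'show_in_menu' => empty($_POST['show_in_menu']) ? 0 : 1,
        'allow_comment' => empty($_POST['allow_comment']) ? 0 : 1,
        'categoryObj' => $newCategoryObj,
    );

    // tags (finding a custom tag filter for each languages)
    $custom_tag_filter_file = dirname(dirname(__FILE__)) . '/language/' . $GLOBALS['xoopsConfig']['language'] . '/tag_filter.phtml';
    if (file_exists($custom_tag_filter_file)) {
        require_once $custom_tag_filter_file;
        $tags_array = pico_custom_tag_filter($ret['tags']);
    } else {
        // default: ASCII control characters and punctuation become separators
        $tags_array = preg_split('/\\s+/', preg_replace('/[\\x00-\\x2f:-@\\x5b-\\x60\\x7b-\\x7f]/', ' ', $ret['tags']));
    }
    $ret['tags'] = trim(implode(' ', array_unique($tags_array)));

    // vpath duplication check
    if ($ret['vpath']) {
        while (1) {
            // vpath is escaped and content_id cast to int; the table name is
            // built from $mydirname, which is assumed to be a trusted module
            // directory name supplied by the caller.
            list($count) = $db->fetchRow($db->query("SELECT COUNT(*) FROM " . $db->prefix($mydirname . "_contents") . " WHERE vpath='" . mysql_real_escape_string($ret['vpath']) . "' AND content_id<>" . intval($content_id)));
            if (empty($count)) {
                break;
            }
            $ext = strrchr($ret['vpath'], '.');
            if ($ext) {
                // Insert ".1" before the trailing extension only; a plain
                // str_replace() would also rewrite earlier occurrences of
                // the same substring inside the path.
                $ret['vpath'] = substr($ret['vpath'], 0, -strlen($ext)) . '.1' . $ext;
            } else {
                $ret['vpath'] .= '.1';
            }
            $errors[] = _MD_PICO_ERR_DUPLICATEDVPATH;
        }
    }

    // approval
    if ($auto_approval) {
        $ret += array(
            'subject_waiting' => '',
            'htmlheader_waiting' => '',
            'body_waiting' => '',
            'visible' => empty($_POST['visible']) ? 0 : 1,
            'approval' => 1,
        );
    } else {
        $ret += array(
            'subject_waiting' => $myts->stripSlashesGPC(@$_POST['subject']),
            'htmlheader_waiting' => $myts->stripSlashesGPC(@$_POST['htmlheader']),
            'body_waiting' => $myts->stripSlashesGPC(@$_POST['body']),
            'visible' => 0,
            'approval' => 0,
        );
    }

    // created_time,modified_time,poster_uid,modifier_uid,locked
    if ($isadminormod) {
        $time_keys = array('created_time', 'modified_time', 'expiring_time');
        foreach ($time_keys as $time_key) {
            $ret['specify_' . $time_key] = empty($_POST['specify_' . $time_key]) ? 0 : 1;
        }
        foreach ($time_keys as $time_key) {
            if (!$ret['specify_' . $time_key]) {
                continue;
            }
            $raw_time = isset($_POST[$time_key]) ? $_POST[$time_key] : '';
            if (!is_string($raw_time)) {
                continue;
            }
            // strtotime() reports failure as false (as -1 on very old PHP);
            // comparing against -1 alone let unparsable dates through.
            $timestamp = strtotime($raw_time);
            if ($timestamp === false || $timestamp == -1) {
                continue;
            }
            $ret[$time_key . '_formatted'] = preg_replace('#[^\\s0-9a-zA-Z:+/-]#', '', $raw_time);
            $ret[$time_key] = pico_common_get_server_timestamp($timestamp);
        }
        $ret['locked'] = empty($_POST['locked']) ? 0 : 1;
        if (isset($_POST['poster_uid'])) {
            $ret['poster_uid'] = pico_main_get_uid($_POST['poster_uid']);
        }
        if (isset($_POST['modifier_uid'])) {
            $ret['modifier_uid'] = pico_main_get_uid($_POST['modifier_uid']);
        }
    }

    // HTML Purifier in Protector (only for PHP5)
    // NOTE(review): when the Protector library file is absent the body is
    // passed on unpurified without any notice; htmlheader is never purified
    // here. Confirm that both are intended.
    if (substr(PHP_VERSION, 0, 1) != 4 && file_exists(XOOPS_TRUST_PATH . '/modules/protector/library/HTMLPurifier.auto.php')) {
        if (is_object($xoopsUser)) {
            // Groups listed in htmlpurify_except skip purification; a missing
            // or non-array setting means "no exceptions".
            $except_groups = (isset($mod_config['htmlpurify_except']) && is_array($mod_config['htmlpurify_except'])) ? $mod_config['htmlpurify_except'] : array();
            $purifier_enable = sizeof(array_intersect($xoopsUser->getGroups(), $except_groups)) == 0;
        } else {
            $purifier_enable = true;
        }
        $purifier_enable = $purifier_enable && !isset($filters['htmlspecialchars']);

        if ($purifier_enable) {
            require_once XOOPS_TRUST_PATH . '/modules/protector/library/HTMLPurifier.auto.php';
            $config = HTMLPurifier_Config::createDefault();
            $config->set('Cache', 'SerializerPath', XOOPS_TRUST_PATH . '/modules/protector/configs');
            $config->set('Core', 'Encoding', _CHARSET);
            //$config->set('HTML', 'Doctype', 'HTML 4.01 Transitional');
            $purifier = new HTMLPurifier($config);
            $ret['body'] = $purifier->purify($ret['body']);
            // body_waiting holds the same submitted body while approval is
            // pending; purify it as well so the pending copy does not keep
            // markup that was removed from body. Presumably it is promoted to
            // body on approval -- confirm against the approval handler.
            if ($ret['body_waiting'] !== '') {
                $ret['body_waiting'] = $purifier->purify($ret['body_waiting']);
            }
        }
    }

    // extra_fields (read ef class and create the object)
    $ef_class = empty($mod_config['extra_fields_class']) ? 'PicoExtraFields' : $mod_config['extra_fields_class'];
    // The configured value is used both as a file name and as a class name;
    // anything that is not a plain identifier falls back to the default class.
    if (!is_string($ef_class) || !preg_match('/^[0-9a-zA-Z_]+$/', $ef_class)) {
        $ef_class = 'PicoExtraFields';
    }
    require_once dirname(dirname(__FILE__)) . '/extra_fields/' . $ef_class . '.class.php';
    $ef_obj =& new $ef_class($mydirname, $newCategoryObj, $content_id);
    $ret['extra_fields'] = $ef_obj->getSerializedRequestsFromPost();
    $ret['ef_obj'] = $ef_obj;

    return $ret;
}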